As we all know AEM is REST based Web application and contents of Repository can be accessed via GET call to respective path (Eg say, ".json" extension or content path with ".html" extension) and updates to Repository is possible via respective HTTP method type + API endpoint as exposed (Eg. Assets HTTP API Create Folder POST request), provided we have
Authentication and Authorization to the accessing endpoints.
Authentication is achieved using the credentials that we use to access our instance.
Eg. In our local AEM author instance, we login using admin/admin or any username as created/available in the respective instance
Authorization refers to the permissions to the path we are accessing
Eg: If we are to make GET request on /content/we-retail.html, we need to have read permission on this path.
Given this understanding, when we want to access an endpoint from our AEM instance using POSTMAN, we need to set the Authentication information via tab -> "Authorization" with respective Type. (Which would help generate an Authorization Header for making an HTTP request)
For Classic AEM instance, we need to use "Basic" Type -> respective Username and Password input as we would give in our AEM instance.
For AEMasCS instance(the one as hosted in cloud and NOT Cloud Service SDK instance), we need to use Token Based Authentication -> "Bearer" Type -> Token value as input.